/**
 * 
 */
package com.wubo.sec.acl;

import com.wubo.sec.SecurityManager;
import com.wubo.sec.acl.core.AclManager;
import com.wubo.sec.acl.core.EntityAcl;
import com.wubo.sec.core.UserData;
import com.wubo.sec.model.Group;
import com.wubo.sec.model.User;

/**
 * @author WuBo
 * @CreateDate 2012-4-23
 */
public class UserAcl extends EntityAcl {
	private User user;
	public UserAcl(User user){
		this.user = user;
	}

	@Override
	public int getAcl() {
		UserData curuser = SecurityManager.getCurrentUser();
		if(curuser == null){
			return AclManager.getInstance().getAcl("ACL_GET");
		}
		if(curuser.equals(user)){//自己
			return AclManager.getInstance().getAcl("ACL_GET", "ACL_PUT");
		}
		if(SecurityManager.isAdmin()){//管理员
			return AclManager.getInstance().getAllAcl();
		}
		if(user.getOwner().equals(curuser.getUsername())){//创建者
			return AclManager.getInstance().getAllAcl();
		}
		Group cgroup = curuser.getGroup();
		Group sgroup = user.getGroup(); 
		if(cgroup.getPriority() > sgroup.getPriority() 
				&& ( !cgroup.isMarkLocked() || cgroup.getMark().equals(sgroup.getMark()) )){
			return AclManager.getInstance().getAllAcl();
		}
		return AclManager.getInstance().getAcl("ACL_GET");
	}

}
